| The capabilities described on this page are included in Appian's standard capability tier. Usage limits may apply. |
Service accounts are the main way that you manage end user security for your portal. A service account is an Appian user account and uses an API key or Appian account credentials to allow your end users to do the following actions in your portal:
To allow your end users access to these actions in your portal, add your service account to end user groups that have permissions to the data stores, record types, and document folders that are used in your portal. See Set up service account permissions for more information.
You can only link one service account to your portal object. If you're using both documents and external databases, use the same service account for both. If you have service accounts that are only used with web APIs to write or query data from Appian or other non-public external databases, you don't need to add them in portal object.
If you don't already have a service account in your environment, you can create a service account from scratch or create a service account when you create an API key.
To create a service account from scratch:
Using service accounts makes it extremely hard to unintentionally expose data or documents in a portal, which means that your data and documents stay secure.
While sharing your data and documents in portals isn't a security vulnerability, we do recommend that you only grant the service accounts' access to the data and documents that are needed for the portal. Developers should be intentional about what information is made public.
